Metasploit Mailing List

Development discussion for Metasploit, the premier open source remote exploitation tool

List Archives

Posts per quarter (the archive index ran each year's four counts together; rows whose split cannot be recovered are shown as extracted):

Year    Jan–Mar   Apr–Jun   Jul–Sep   Oct–Dec
2014         20        30        17
2013         98        55        30         6
2012    1271197120 (quarterly split not recoverable)
2011        209       275       287       192
2010        411       512       474       415
2009        455       435       244       426
2008        237       120       189       362
2007        450       501       433       230
2006        159       168       188       220
2005         90       121       152       160
2004    16104116 (quarterly split not recoverable)
2003    4 (single quarter)

Latest Posts

Re: vim syntax highlighting for rc files Tod Beardsley (Sep 07)
We don't do this because it's easy, we do it because it's hard. :)

Re: vim syntax highlighting for rc files Robin Wood (Sep 07)
Wouldn't have thought it was easy but not being easy doesn't normally stop
people.

Robin

Re: vim syntax highlighting for rc files Tod Beardsley (Sep 07)
They're nearly always a mix of console commands and chunks of ruby. Sometimes they have bash/OS commands, too. So,
you're looking at two and maybe three intermixed styles. Not trivial?

vim syntax highlighting for rc files Robin Wood (Sep 05)
Anyone got a vim syntax highlighter for Metasploit resource files?

I know they are mostly Ruby but not completely.

Robin

Re: metasploit pro admin (Sep 02)
????

Quoting Tod Beardsley <todb () packetfu com>:

Report auth info service name for logins Pedro Ribeiro (Sep 01)
Hi,

I'm making an auxiliary module that extracts login credentials for Windows
and Linux.

Simple question: what service name should I use for report_auth_info? Is
there a convention or enum that lists it? At the moment I'm simply using
"login".

Regards
Pedro

Re: metasploit pro Tod Beardsley (Aug 31)
Hi Tony. You can get a 14-day free trial of Metasploit Pro (with a key) by
clicking on the "Download Metasploit Pro" button, here:
http://www.metasploit.com/download/

metasploit pro Tony Lovén (Aug 31)
I would like to get a Metasploit Pro serial key sent to my e-mail address.

loven83 () gmail com

Re: Bypassing AV for Java payloads Michael Schierl (Aug 02)
Am 02.08.2014 um 21:44 schrieb HD Moore:

In fact, the two repos forked sometime in 2010 off JavaPayload-1.0.zip,
even before the point where I put it into the SVN repo that was later
converted to my Git repo (Yes, all the time from JavaPayload 1.0 to 1.1,
there did not exist any source control repo at all, primarily because I
thought it wouldn't get that big).

And the code base evolved quite differently.

Metasploit-Javapayload:
- One...

Re: Bypassing AV for Java payloads HD Moore (Aug 02)
Thanks Michael!

It looks like the framework uses the metasploit-javapayload repository, which has support for Android, but may be missing
some of the code written 10-12 months ago in your repository.

The obfuscator approach looks reasonable (and definitely effective) and there really is no reason we shouldn't try to
build them into the Java exploit modules through a mixin that falls back to static files when java is not present.

The...

Re: Bypassing AV for Java payloads Michael Schierl (Aug 02)
Am 02.08.2014 um 07:12 schrieb HD Moore:

More precisely, nobody has tried to integrate obfuscators/crypters for
Java payloads into Metasploit. My JavaPayload repository contains (quite
simplistic) crypters for Jar and War files (both those generated by
Metasploit and by JavaPayload) for more than two years now, and despite
the fact that I never changed them in the last two years, obfuscating a
stock Metasploit JAR file [1] creates quite decent...

Re: Bypassing AV for Java payloads HD Moore (Aug 02)
There is no reason it can't - We even ship the JRE with the official installer, but so far nobody has built obfuscators
for the Java payloads. If you do so without needing the JDK installed to rebuild each time, even better.

-HD

Bypassing AV for Java payloads Pedro Ribeiro (Aug 02)
Hi,

I'm testing a module that uses a Java WAR payload, and it's detected
by most AVs, even a 2 year old Windows Defender installation.

I know this is an arms race, but what can we do to make the Java
payload harder to detect in the framework? Can it be regenerated /
packed at every run? Or maybe have some kind of git hook that
regenerates it at every new release?

Regards,
Pedro

Re: Deploying meterpreter / some other payload to NAT'ed devices egypt (Jul 28)
The recently-added reverse_hop_http[1] stager, thanks to scriptjunkie,
might give you a means of achieving 3a. If the server is not running PHP,
at least it will give you a starting point. Implementing the proxy in
multiple languages for scenarios like this would be useful.

[1]:
https://github.com/rapid7/metasploit-framework/blob/master/lib/msf/core/handler/reverse_hop_http.rb

Deploying meterpreter / some other payload to NAT'ed devices Pedro Ribeiro (Jul 28)
Hi,

I'm building a metasploit module that abuses a vulnerability in a server
that deploys software packages to clients.
The idea is to:
1) gain administrative access to the server
2) use the admin access to deploy a payload to the clients
3a) get the clients to connect back using the server as a proxy (they might
be NAT'ed or otherwise inaccessible from the attacking machine)
OR
3b) deploy some kind of payload that allows me to control...
